Apache configuration and application
Project: Apache Access Control
First make an Apache environment
1 ping www.baidu/com
2 ifconfig
3 vi /etc/resolv.conf
4 ping www.baidu/com
5 ping www.baidu.com
6 vi /etc/resolv.conf
7 ping www.baidu.com
8 tar jxvf httpd-2.4.29.tar.bz2
9 tar zxvf apr-1.6.2.tar.gz
10 tar zxvf apr-util-1.6.0.tar.gz
11 mv apr-1.6.2 httpd-2.4.29/srclib/apr
12 mv apr-util-1.6.0 httpd-2.4.29/srclib/apr-util
13 yum -y install gcc gcc-c++ make pcre-devel expat-devel perl
14 cd httpd-2.4.29
15 ./configure --prefix=/usr/local/httpd --enable-so --enable-rewrite --enable-charset-lite --enable-cgi
16 make && make install
17 cd
18 cp /usr/local/httpd/bin/apachectl /etc/init.d/httpd
19 vi /etc/init.d/httpd
20 chkconfig --add httpd
21 systemctl start httpd
22 systemctl status httpd
23 ls -s /usr/local/httpd/conf/httpd.conf /etc/
24 ln -s /usr/local/httpd/conf/httpd.conf /etc/
25 vi /etc/httpd.conf
26 vi /etc/hosts
27 systemctl restart httpd
28 http -t
29 httpd -t
30 ln -s /usr/local/httpd/bin/* /usr/bin/
31 httpd -t
32 netstat -anpt | grep httpd
33 netstat -anpt | grep 80
34 apachectl -t
进入本地配置文件中 然后修改配置参数
Method 1: Search the htdocs directory and add under "AllowOverride None"
vi /usr/local/httpd/conf/httpd.conf
<Directory "/usr/local/httpd/htdocs">
Order deny,allow
Deny from 20.0.0.1/32
</Directory>
Method 2: Set control to the htdocs directory, increase the scope and reject ip:
<Directory "/usr/local/httpd/htdocs">
<RequireAll>
Require all granted
Require not ip 20.0.0.1/32
</RequireAll>
</Directory>
创建一个需要认证的tom用户
htpasswd -c /usr/local/httpd/conf/.awspwd tom
输入密码:abc123
查看创建的用户
[root@client1 ~]# cat /usr/local/httpd
tom:$apr1$V2DLN/xV$pv0ygMM7cN.HTY1dKW6H6/`
3、添加用户授权配置
搜索htdocs目录,在"AllowOverride None"下面添加:
vi /etc/httpd.conf
Order allow,deny
Allow from all
AuthName "www.aa.com"
AuthType Basic
AuthUserFile /usr/local/httpd/conf/.awspwd
Require valid-user
.....
# Require all granted 记得注释掉
systemctl stop httpd
systemctl start httpd
4、为了让客户机也能访问主机,添加一个映射
vi /etc/hosts
20.0.0.11 www.aa.com (末行添加)
Project log split
The third-party tool cronolog splits the log
1、先解压缩然后编译安装
tar zxvf cronolog-1.6.2.tar.gz
cd cronolog-1.6.2/
./configure
make && make install
2、
[root@client1 ~]# which cronolog
/usr/local/sbin/cronolog
ErrorLog "|/usr/local/sbin/cronolog logs/error.log_%Y-%m-%d "
CustomLog "|/usr/local/sbin/cronolog logs/access_log_%Y-%m-%d " common
Then check the log
Self-contained tool to split the log
rotatelogs segmentation tool
First look at the path [root@client1 ~]# which rotatelogs
/usr/bin/rotatelogs·
修改配置文件
vi /etc/httpd.conf
搜索ErrorLog "logs/error_log"
然后修改成为ErrorLog "|/usr/bin/rotatelogs -l logs/error_log_%Y-%m-%d 86400"
同上
在搜索
CustomLog修改成为CustomLog "|/usr/bin/rotatelogs -l logs/access_log_%Y-%m-%d 86400"
即可得到分割日志
Use cronolog for log separation
Unzip the package first
Compile and install
[root@client1 cronolog-1.6.2]# ./configure
creating cache ./config.cache
[root@client1 cronolog-1.6.2]# make && make install
[root@client1 ~]# which cron
crond cronolog cronosplit crontab
[root@client1 ~]# which cron
crond cronolog cronosplit crontab
[root@client1 ~]# which cronolog
/usr/local/sbin/cronolog
[root@client1 ~]#
[root@client1 ~]# vi /etc/httpd.conf Then modify the configuration parameters
[root@client1 ~]# cd /usr/local/httpd/logs/
[root@client1 logs]# ll
Same as above,
search for Custom and modify the configuration parameters
AWStats log analysis
Restore configuration:
ErrorLog "logs/error_log"
CustomLog "logs/access_log" common
[root@client1 logs]# apachectl -D DUMP_MODULES | grep cgi
[root@client1 logs]# ls /usr/local/httpd/moudles | grep cgi
ls: 无法访问/usr/local/httpd/moudles: 没有那个文件或目录
vi /etc/httpd.conf modify the configuration file to
set the group
[root@client1 local]# chown -R root.root awstats/
[root@client1 ~]# cd /usr/local/awstats/tools/
[root@client1 tools]# ./awstats_configure.pl
/usr/local/httpd/conf/httpd.conf
N
y
www.aa.com
回车
回车
把finish前的url的路径复制出来:
http://localhost/awstats/awstats.pl?config=www.aa.com
Delete the original log file
[root@client1 tools]# cd /usr/local/httpd/logs/
[root@client1 logs]# rm -rf error.log*
[root@client1 logs]# rm -rf access_log_*
[root@client1 logs]# ls -lh
Set up awstats configuration file
[root@client1 tools]# vi /etc/awstats/awstats.www.aa.com.conf
LogFile="/usr/local/httpd/logs/access_log"
DirData="/var/lib/awstats"
[root@server1 ~]# mkdir /var/lib/awstats
设置访问权限
[root@server1 tools]# vi /etc/httpd.conf
<Directory "/usr/local/awstats/wwwroot">
Options None
AllowOverride None
#Order allow,deny #'注释掉'
#Allow from all #'注释掉'
Require all granted #'添加'
[root@server1 ~]# systemctl restart httpd #重新生成日志文件
[root@server1 logs]# systemctl restart httpd
[root@server1 logs]# ls
access_log cgisock.17216 error_log httpd.pid www.abc.com.error_2020-12-6.log
[root@server1 ~]# cd /usr/local/awstats/tools/
[root@server1 tools]# chmod +x awstats_updateall.pl #设置运行权限